hashcat Forum
Decrypting usenet headers - Printable Version

+- hashcat Forum (https://hashcat.net/forum)
+-- Forum: Support (https://hashcat.net/forum/forum-3.html)
+--- Forum: hashcat (https://hashcat.net/forum/forum-45.html)
+--- Thread: Decrypting usenet headers (/thread-5896.html)

Pages: 1 2


RE: Decrypting usenet headers - Somnambulist - 10-08-2016

(10-03-2016, 07:04 PM)pragmatic Wrote: Thanks for the samples, Somnambulist. I'm not seeing any obvious patterns, but it's strange though, it seems like every one of them is missing at least one character.

Even the original sample seemed to be a character short, although at the time i assumed it was just dropping the second equals sign. But for these, assuming this really is base64 which it certainly appears to be, it's missing at least one (non-equals) character to be valid base64.

Any chance there's a character getting lost in translation somewhere?

That's odd, no these are the headers verbatim from usenet (sans the "X-Trace: " part which is just the header field). Could this missing character be the key to decoding it? Not really all that versed in how base64 works, but what if their encoding is just normal base64 and then removing a given character?


RE: Decrypting usenet headers - Somnambulist - 10-09-2016

(10-08-2016, 06:14 PM)Somnambulist Wrote:
(10-03-2016, 07:04 PM)pragmatic Wrote: Thanks for the samples, Somnambulist. I'm not seeing any obvious patterns, but it's strange though, it seems like every one of them is missing at least one character.

Even the original sample seemed to be a character short, although at the time i assumed it was just dropping the second equals sign. But for these, assuming this really is base64 which it certainly appears to be, it's missing at least one (non-equals) character to be valid base64.

Any chance there's a character getting lost in translation somewhere?

That's odd, no these are the headers verbatim from usenet (sans the "X-Trace: " part which is just the header field). Could this missing character be the key to decoding it? Not really all that versed in how base64 works, but what if their encoding is just normal base64 and then removing a given character?

Maybe not, I wrote a script that inserts every character between a-zA-Z0-9 (62 different characters) into each possible position into the string (49 characters) which makes for 62 * 49 = 3038 different strings, and I base64-decoded each and got nothing substantial.